CVE-2007-4304 : CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages".

Published 2007-08-13 21:17:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2007-4304

Cerb » Cerbng » Version: 0.1 Freebsd Edition
cpe:2.3:a:cerb:cerbng:0.1:*:freebsd:*:*:*:*:*
Matching versions
When used together with: Freebsd » Freebsd » Version: 4.8
Cerb » Cerbng » Version: 0.2 Freebsd Edition
cpe:2.3:a:cerb:cerbng:0.2:*:freebsd:*:*:*:*:*
Matching versions
When used together with: Freebsd » Freebsd » Version: 4.8
Cerb » Cerbng » Version: 0.3 Freebsd Edition
cpe:2.3:a:cerb:cerbng:0.3:*:freebsd:*:*:*:*:*
Matching versions
When used together with: Freebsd » Freebsd » Version: 4.8
Cerb » Cerbng » Version: 0.4 Freebsd Edition
cpe:2.3:a:cerb:cerbng:0.4:*:freebsd:*:*:*:*:*
Matching versions
When used together with: Freebsd » Freebsd » Version: 4.8

Exploit prediction scoring system (EPSS) score for CVE-2007-4304

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 11 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-4304

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.2	MEDIUM	AV:L/AC:H/Au:N/C:C/I:C/A:C	1.9	10.0	NIST
Access Vector: Local Access Complexity: High Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2007-4304

http://www.watson.org/~robert/2007woot/

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2007-4304

Products affected by CVE-2007-4304

Exploit prediction scoring system (EPSS) score for CVE-2007-4304

CVSS scores for CVE-2007-4304

References for CVE-2007-4304